Says the government hasn't caught up to digital age.

Abraham David Sofaer, a former New York federal judge, recently was presenting a paper at the National Academy of Sciences about deterring cyberattacks when he learned the feds had shut down Megaupload, seizing its domain names, in a criminal copyright infringement case.

Troubling him more than his paper on global cybersecurity (PDF) was learning that the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.

“It’s really quite outrageous, frankly,” the 74-year-old President Jimmy Carter appointee said in a recent telephone interview. “I was thinking the government hadn’t learned to be discreet in its conduct in the digital world. This is a perfect example on how they are failing to apply traditional standards in the new context.”

A former State Department legal adviser, Sofaer has teamed up—free of charge—with the Electronic Frontier Foundation in urging a federal court to set up a system to allow Megaupload users to get back their legal content.

His entry into the high-profile case comes as users increasingly turn to online storage systems and services, including Dropbox, Gmail, YouTube, ReadItLater, iCloud, and Google Drive, among others, to share and store their data—despite the fact that legal protections for cloud services are weak and servers can be shut down at any time by an aggressive prosecutor. In an unrelated copyright infringement seizure, the feds confiscated the domain of a hip-hop music blog at the behest of the recording industry, only to return it, without apology or recompense, a year later for lack of evidence.

The criminal prosecution of Megaupload targets seven individuals connected to the Hong Kong-based file-sharing site, including founder Kim Dotcom. They were indicted in January on a variety of charges, including criminal copyright infringement and conspiracy to commit money laundering.

The government said the site, which generated hundreds of millions in user fees and advertising, facilitated copyright infringement of music, television programs, electronic books, business and entertainment software, and, perhaps most damningly, movies, often before their theatrical release.

The site was so popular it leased more than 1,100 servers hosted by Carpathia in Virginia. The government copied 25 petabytes of the data, and said the rest can be erased. The Department of Justice told the federal judge overseeing the prosecution that the government has no obligation to assist anybody getting back their data, even if it’s noninfringing material.

“That’s a dangerous road,” Sofaer said.

He suggested that the government hasn’t quite caught up to the digital age. He doubts the government would take the same position with a bank it seized.

“Of course they would help customers get back their deposits,” he said. “But think about this new world. You can see very clearly that the government is acting in a manner that is indiscriminate.”

Justice Department prosecutors handling the case in the Eastern District of Virginia declined comment.

But in a recent court filing, the authorities wrote that assisting an Ohio man in getting back his company’s high school sports footage “would create a new and practically unlimited cause of action on behalf of any third party who can claim that the government’s execution of a search warrant adversely impacted a commercial relationship between the target of the search and the third party.”

Sofaer, also a former clerk to then-Supreme Court Justice William Brennan Jr. and now a Hoover Institution fellow, claims the government’s response is hogwash. All legal files could easily be retrieved, just like they were before the service was shuttered in January.

The Palo Alto, California, scholar has agreed to donate his legal services toward that goal, and wants the judge to appoint an expert to supervise the program, which would provide legal notice to former Megaupload customers that “you are entitled to have your data but not contraband material.”

“I think the government could easily live with that,” he said.

Julie Samuels is the Electronic Frontier Foundation attorney working with Sofaer, and said litigating with him “has been an absolute pleasure.”

“It’s clear that he really gets why this case matters and has the experience and perspective necessary to take the long view: If the court allows the government’s actions to go unchecked here,” she said, “we’ll be facing a world with inhibited property rights that is less friendly for innovation.”

Sofaer, who was also a former New York federal prosecutor, understands the government’s motives.

“They are eager to make cases, and to be as little bothered by the consequences as possible,” he said. “When I was a prosecutor, I probably would have been the same way.”

62 Reader Comments

the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.

My understanding was that the government hasn't "seized" any of the files. The imaged enough of the servers to make their case, and that was it. The servers and files are still with the hosting provider.

Assuming that's correct, the real problem is that they have frozen MU financial assets, so MU can't get the servers back online to conduct any business or allow users to retrieve files. That's a different issue though, while the result may be the same.

the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.

My understanding was that the government hasn't "seized" any of the files. The imaged enough of the servers to make their case, and that was it. The servers and files are still with the hosting provider.

Assuming that's correct, the real problem is that they have frozen MU financial assets, so MU can't get the servers back online to conduct any business or allow users to retrieve files. That's a different issue though, while the result may be the same.

The government has siezed the files. It's only dishonest quibbling to try and claim otherwise. They have used laws originally targeted at "evil men" to try and strip someone else of their ability to defend themselves in court.

The fact that everyone's data is inaccessable is really just a side show. Although it raises other pretty fundemental constitutional issues.

On top of the imaging that went on; the servers were dumped in a storage facility and the feds were refusing to pay the rent saying the server company Carpathia could not operate the servers or erase them or re-use them and were liable for the rent. The MPAA wanted the Feds to prevent any users from having access to any of the data stored because they might be infringing works. In other words the Feds were lobbied and ideologically "bought off" with the idea that ALL Megaupload's customers were software/content pirates. A real piece of work that Virginia court.

Others have said this before, but I'll ask again: why can't Carpathia simply put the servers back online in read-only mode, so that users can't upload new infringing content, and then register employee X as their DMCA representative. They won't be subject to basically any of the charges the government leveled against MegaUpload, users can get their legit files, and rightsholders can get infringing files taken down. Then after a couple weeks, just wipe the servers completely and start renting them out again.

> “you are entitled to have your data but not contraband material.”> “I think the government could easily live with that,” he said.

Who determines what is contraband material?

Does contraband material mean something different than copyright infringement?

Who determines what is copyright infringement?

First, anything / everything is copyrighted. If I uploaded any non trivial file, even created by myself, or my friend, it is protected by copyright. So how does one prove non-infringement?

Even if someone uploaded a small clip of a movie, or maybe even an entire tv commercial, it might be fair use, depending on how it was to be used or was being used.

So determining what is infringing is not necessarily easy.

Even the entertainment industry can't seem to get it right. Their right hand uploads something to YouTube to promote an artist, while their left hand issues a DMCA takedown on something they uploaded themself.

Actually, MegaUpload has objected to any course of action that leads to the servers being wiped and put back into service of other Carpathia customers, on the basis of their claim that the servers contain evidence necessary to their defense. So, they have told the court they're not OK with that, but they can't pay Carpathia for it, because all of their monetary assets are frozen.

I don't think seizure is really the right term for what is going on here. Surely, nobody will doubt that the government is preventing the EFF/MU/Carpathia from putting the servers back up and making files available to users again, but it cannot really be considered seizure. It is not as if the government has all the servers locked up in a basement somewhere, but at the same time they are trying to prevent anyone from accessing the data again via legal and financial means. It is sort of a semantic issue imo. They just want the government to stop preventing them from making the files available again, but they are using this specific wording to their advantage.

Technically speaking, I would not say the government seized anything either, but they sure are preventing the servers from going back up no matter how you choose to word it.

Actually, MegaUpload has objected to any course of action that leads to the servers being wiped and put back into service of other Carpathia customers, on the basis of their claim that the servers contain evidence necessary to their defense. So, they have told the court they're not OK with that, but they can't pay Carpathia for it, because all of their monetary assets are frozen.

Putting the servers back online read-only would give them access to whatever evidence they need. And make sure the prosecution downloads a copy of it too so they can't be accused of altering their copy they downloaded.

Others have said this before, but I'll ask again: why can't Carpathia simply put the servers back online in read-only mode, so that users can't upload new infringing content.

I agree in principle that a read-only state would work. But who is going to pay Carpathia to do this work?

And why would Carpathia assume the risk?

The material has already been taken off-line/seized once for having "illegal" material. It's surely still there and if Carpathia takes the active step to distribute the information, they would be at risk.

the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.

My understanding was that the government hasn't "seized" any of the files. The imaged enough of the servers to make their case, and that was it. The servers and files are still with the hosting provider.

Assuming that's correct, the real problem is that they have frozen MU financial assets, so MU can't get the servers back online to conduct any business or allow users to retrieve files. That's a different issue though, while the result may be the same.

The government has siezed the files. It's only dishonest quibbling to try and claim otherwise.

Uh, no, they haven't. You can say that they've made them inaccessible to users by preventing MU from doing business, but they haven't "seized" the files. They've publicly stated that they didn't even copy all of them.

Under your definition, then filesharers have "seized" music from the RIAA.

The material has already been taken off-line/seized once for having "illegal" material. It's surely still there and if Carpathia takes the active step to distribute the information, they would be at risk.

I guess a better read-only configuration would be for ONLY the users who uploaded the files to be able to download them, and nothing would be publicly accessible. Really, though, the brunt of the argument against MU is that they participated in and induced copyright infringement, in addition to the money laundering charges. It's hard to argue Carpathia would be doing any of that by just letting the users who originally uploaded their files download them again. With some special backdoor where the RIAA can check for infringing files, to keep them happy too.

Uh, no, they haven't. You can say that they've made them inaccessible to users by preventing MU from doing business, but they haven't "seized" the files. They've publicly stated that they didn't even copy all of them.

Under your definition, then filesharers have "seized" music from the RIAA.

Your analogy leaves out an important step. Filesharing in no way impedes the RIAA/members from doing business and continuing to distribute the music.

A closer match is that virus a while back that encrypted the Documents folder on infected machines, set a password, and sold the password to you. You still have your files but you can't do anything with them.

Uh, no, they haven't. You can say that they've made them inaccessible to users by preventing MU from doing business, but they haven't "seized" the files. They've publicly stated that they didn't even copy all of them.

So, if a group of police surround your home and refuse access to you or anyone else...they haven't seized your home, they just made your home inaccessible to users.

jcool wrote:

Under your definition, then filesharers have "seized" music from the RIAA.

The government has siezed [sic] the files. It's only dishonest quibbling to try and claim otherwise.

Copying may or may not be a seizure. Is it dishonest to explore both sides of the argument?

JEDIDIAH wrote:

They have used laws originally targeted at "evil men" to try and strip someone else of their ability to defend themselves in court.

To what law are you referring? The government is taking the position that they do not want to PAY for the forensic recovery of every MegaUpload's non-infringing content. Goodwin can still file a motion against MegaUpload to bear the cost of recovery. The government doesn't care if read access is given to the content owner, they just don't want to be liable for the costs.

Others have said this before, but I'll ask again: why can't Carpathia simply put the servers back online in read-only mode, so that users can't upload new infringing content, and then register employee X as their DMCA representative. They won't be subject to basically any of the charges the government leveled against MegaUpload, users can get their legit files, and rightsholders can get infringing files taken down. Then after a couple weeks, just wipe the servers completely and start renting them out again.

Note: I wrote this same comment a couple of days ago in the comments for another article about MU where people were asking the same question. I'm copying / pasting it here because I'm in a bit of a rush and I don't see the need to write it again from scratch . Hope it helps answer your question...

My guess is that Carpathia doesn't want to poke a stick into the legal hornets nest of server reactivation. Granted, I may be wrong. Maybe it's purely a financial decision.

Beyond the finances, though, it's probably not as easy as flipping a power switch. I have no idea what Carpathia's hosting setup is like, but I've worked in data centers with thousands of devices and recovering from power failures is not an easy process. It requires people with in depth knowledge of the systems to get everything working properly again, and more than likely that would mean getting former MU administrators pulled back in to bring everything online. I have yet to see a power failure involving thousands of devices that doesn't result in several critical devices not coming back online properly.

Then there's the issue of which accounts to open up. Do you open up everyone, even user's who's subscriptions had lapsed, so they can pull their data before it's possibly gone forever? Or do you only allow current subscribers access? And what about publicly shared files, especially those with infringing content?

On top of that, there's the issue of bandwidth. I don't know this for a fact, but I'd guess that MU was pushing enough bandwidth to cause Carpathia to have increased capacity to at least some of their data centers, and that bandwidth may have been scaled back to save cash once MU was shut down. If you think servers cost a lot, then start pricing out high capacity fiber circuits. They aren't cheap. They advertise themselves as being able to quickly scale in capacity, so they may have contracts for their bandwidth that allow them to quickly buy more or ditch some as needed, as long as they keep a certain minimum amount. Carpathia would certainly have scaled down as soon as possible, assuming they could, and bringing MU back online for a massive download from the users would require scaling up again.

The point is that Carpathia has more hurdles than just the financial and legal. They can't just turn the servers on and have everything magically back online. I'm sure there are dozens of additional problems that I haven't thought of. It would be a big process, and my guess is that it would cost hundreds of thousands if not millions of dollars before it was done. It's probably not realistic for them to attempt it without the court freeing up MU funds to pay for it.

Edit: As far as a read-only mode goes, it's my understanding that MU was leasing the servers. That would mean they're the administrators, not Carpathia. It's very possible that Carpathia has absolutely no insight into MU's systems, beyond a contract to repair them when they broke.

Your analogy leaves out an important step. Filesharing in no way impedes the RIAA/members from doing business and continuing to distribute the music.

Ok, we're all arguing English here. My point was that it's not like the government came in and took the files, took them a big building, locked them up and said, nobody can have them back. To me, that's what "seizing" implies. Taking exclusive possession of something.

Quote:

So, if a group of police surround your home and refuse access to you or anyone else...they haven't seized your home, they just made your home inaccessible to users.

Uh, no, they haven't. You can say that they've made them inaccessible to users by preventing MU from doing business, but they haven't "seized" the files. They've publicly stated that they didn't even copy all of them.

Under your definition, then filesharers have "seized" music from the RIAA.

So let me get this straight..

In your little world,

Making a digital 1:1 copy is not seizing, but making digital 1:1 copy is stealing?

By agreeing with the governments findings, that is essentially what you are saying. You can't have it both ways..

The fact that this is a file sharing infringement case, and that they would even use this defense is beyond me..

But hey, English can be a magical, vague thing. Make up your own mind.

That's true...and when someone hooks up electrodes to your testicles and makes you do a little dance a few seconds at a time, they aren't torturing you, they're extracting valuable information. They're testing the human condition. They're encouraging information sharing.

Language can always be used by spin doctors to make things sound better.

the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.

My understanding was that the government hasn't "seized" any of the files. The imaged enough of the servers to make their case, and that was it. The servers and files are still with the hosting provider.

Assuming that's correct, the real problem is that they have frozen MU financial assets, so MU can't get the servers back online to conduct any business or allow users to retrieve files. That's a different issue though, while the result may be the same.

The government has siezed the files. It's only dishonest quibbling to try and claim otherwise.

Uh, no, they haven't. You can say that they've made them inaccessible to users by preventing MU from doing business, but they haven't "seized" the files. They've publicly stated that they didn't even copy all of them.

Under your definition, then filesharers have "seized" music from the RIAA.

Schroedinger's Files.Since they copied some files, but no one knows which ones, they have basically copied any one individual's files, but they also simultaneously haven't copied any individual's files.To err on the side of caution, since we know they have copied some files, we must assume that they have copied the files of any given user, so effectively they have copied everyone's files until they state who they have or have not copied the files of.

This right here is how a democracy is supposed to work. Thank God for the EFF; I'm going to need to donate.

Anything without a balance (democratic or otherwise) is a slippery slope. Like, I don't want to imagine big business without the Sierra Club. Or the Sierra Club without big business. Ditto Democrats/Republicans, male/female, night/day, ad infinitum.

To what law are you referring? The government is taking the position that they do not want to PAY for the forensic recovery of every MegaUpload's non-infringing content. Goodwin can still file a motion against MegaUpload to bear the cost of recovery. The government doesn't care if read access is given to the content owner, they just don't want to be liable for the costs.

My understanding is that the government froze MU's assets, so even if MU wanted to pay for everyone to get their files back, they couldn't.

To what law are you referring? The government is taking the position that they do not want to PAY for the forensic recovery of every MegaUpload's non-infringing content. Goodwin can still file a motion against MegaUpload to bear the cost of recovery. The government doesn't care if read access is given to the content owner, they just don't want to be liable for the costs.

My understanding is that the government froze MU's assets, so even if MU wanted to pay for everyone to get their files back, they couldn't.

You are correct, MU's assets are frozen. A judge can unfreeze a portion of MU's funds to pay for a judgment/settlement if Goodwin wins against MU. The DOJ and MU could also reach some agreement to have MU pay for the retrieval of data or temporary reestablishment of services.

The DOJ/MPAA position given in the following articles states that they do not oppose the access of non-infringing content by their respective owners, but that they refuse to pay the bill for restoring access.

The problem is deciding what is 'contraband' and what isn't. The fact is that almost all files on MegaUpload, even TV shows/music/movies, would not fit into that category because of fair use and time-shifting principles.

The only thing they can do is put MegaUpload back up TOTALLY and drop the case, there is just no way that this is ever going to go to trial either here or in New Zealand.

The Feds should save face, admit that they allowed corporate interests to override their brains and sense of the law, and move on.